Plain Text Password Vulnerability in Dell VxRail Products
CVE-2024-39575

7.4HIGH

Key Information:

Vendor: Dell
Status: Dell Vxrail Appliance
Vendor: CVE Published:; 16 June 2026

What is CVE-2024-39575?

A security vulnerability exists in Dell VxRail due to the update_disk_psu_baseline.sh script requiring a password in plain text. This design flaw may lead to unauthorized access issues, compromising the security of the affected systems. Organizations using VxRail versions 7.0.520 and 7.0.521 should investigate and apply necessary patches to mitigate potential risks.

Affected Version(s)

Dell EMC VxRail Appliance 0 < 7.0.520

References

https://www.dell.com/support/kbdoc/en-us/000226270/dsa-20...

vendor-advisory

CVSS V3.1

Score:

7.4

Severity:

HIGH

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 16, 2026
Vulnerability Reserved
Jun 26, 2024

CVE-2024-39575 Data

JSON